MGASA-2014-0251

Source
https://advisories.mageia.org/MGASA-2014-0251.html
Import Source
https://advisories.mageia.org/MGASA-2014-0251.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2014-0251
Upstream
  • CVE-2014-3215
Published
2014-06-06T05:49:51Z
Modified
2026-04-16T06:25:03.140452486Z
Summary
Updated libcap-ng packages fix CVE-2014-3215
Details

Updated libcap-ng packages fix security vulnerability:

capng_lock() in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without capabilities, which is potentially dangerous (CVE-2014-3215).

References
Credits

Affected packages

Mageia:3 / libcap-ng

Package

Name
libcap-ng
Purl
pkg:rpm/mageia/libcap-ng?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.3-2.1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2014-0251.json"

Mageia:4 / libcap-ng

Package

Name
libcap-ng
Purl
pkg:rpm/mageia/libcap-ng?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.3-3.1.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2014-0251.json"